弹簧验证：不同的登录形式

Question

我有一个弹簧安全的web项目。 我有不同的角色，比如ROLE_ADMIN，ROLE_USER，ROLE_TESTER，ROLE_ANONYMOUS不同拦截的URL，比如：现在

<intercept-url pattern="/secure/admin/**" access="ROLE_ADMIN" /> 
<intercept-url pattern="/secure/**" access="ROLE_USER,ROLE_ADMIN" /> 
<intercept-url pattern="/**" access="ROLE_ANONYMOUS,ROLE_USER,ROLE_ADMIN" /> 

，如果有人试图访问/secure/admin/user/list.mvc，我想他将被重定向到另一个登录表单，而不是正常的：

<form-login login-processing-url="/j_spring_security_check" login-page="/start.mvc" 
     authentication-success-handler-ref="authenticationSuccessHandler" 
     authentication-failure-handler-ref="authenticationFailureHandler" 
/> 

有没有可能这样做？

Answer 1

以Spring Security> = 3.1，你可以有类似于这种多http元素：

<!-- Configure realm for system administration users --> 
<security:http pattern="/secure/admin/**" create-session="stateless"> 
    <security:intercept-url pattern="/**" access='ROLE_ADMIN' requires-channel="https" /> 
    ...form login... etc 
</security:http> 


<!-- Configure realm for standard users --> 
<security:http auto-config="true" access-denied-page="/error/noaccess" use-expressions="true" create-session="ifRequired"> 
    <security:form-login login-page="/login" 
      ... 
      ... 
</security:http>